Robinson E, McQuaid R, Webb A & Webster W (2021) Digital Skills Escalator for cyber security in Stirling, Scotland [ESCALATOR STIRLING FINAL Report 310821]. EU ERASMUS+. Stirling. https://escalate.projects.uvt.ro/
The global cyber security workforce is a fast-growing area of well-paid jobs (salaries £22-90,000 in Scotland), with an estimated required growth of around 89% in the next few years ((ISC)2 Cybersecurity Workforce Study, 2020). In Europe alone the shortage is 168,000 with similar shortages and high growth requirements likely in the UK, Scotland. This is a fast changing sector with hackers and criminals constantly raising new and often innovative problems, suggesting a need for a flexible approach to staffing, education and a flexible skills development pipeline throughout the Cyber security sector.
The Stirling area in central Scotland is the main focus of this report, which is highly embedded and interconnected with the rest of Scotland. Hence what happens in the Stirling area is greatly influenced by the Scottish context and policies, as well as UK industry and organisations and Scottish and UK central governments. Stirling is well-suited to the development in cyber security training and employment, due to the large number of skilled graduates from HEIs in the area, as well as several employers in the field, both within Stirling itself, and the neighbouring cities of Glasgow and Edinburgh. It is not a complete census of related training or firms.
This report illustrates a ‘Proof of Concept’ of the potential use of a Digital Skills Escalator, particularly in relation to cyber security, focusing on the Stirling region in central Scotland. The Digital Escalator is a concept that refers to a pipeline of skills (or more accurately a ‘funnel of skills’ from basic to highly specialised expert levels) linked to a specific smart specialisation sector, represented by a multi-level skills map where people can join or complete their skills journey at different stages.
The Escalator Model is not intended to be a fixed journey from school to Higher Education and Continuing Professional Development (CPD) but instead is designed for people to enter and leave along its path when necessary. Its purpose is to promote discussion, engagement and coordinated partnership activity. While its focus is on formal training and education, it also incorporates work and other experience and informal learning.
The research included desk-based research and 8 interviews with public and private bodies and trades unions.
General recommendations for actions to help fill in the digital skills and cyber security skills gap include:
1. Increased investment in school staff and equipment, as well as focussing on helping more graduates go into computer science and cyber security teaching, and improving the curriculum were recommended by more than one of the interviewees. Providing a safe technological and educational environment for developing cyber security skills, for example shared specialist software and hardware in the area of training on ethical hacking, is essential for students at all levels of education.
2. Greater employer involvement with schools, including expanding the National Progression Award courses, and encouraging children and parents to see computing science and cyber security as a viable career choice, will help to cement the school as playing a foundational role for young people.
3. Increasing the employability of college and university graduates is important, particularly by addressing the digital skills gap, and especially for students with little previous exposure in this area and those from disadvantaged backgrounds. Training facilities such as dedicated tech centres and bootcamp courses for college and HE students to learn relevant coding languages could be co-funded or co-supplied by employers. Students could be offered placements at local organisations which would strengthen the links between businesses, FEs and HEIs as well as provide a fresh talent pool for employers.
4. Investing in colleges through increasing the number of applied or practically-oriented courses, as well as apprenticeships and workplace-based learning models (similar to Graduate Apprenticeships co-delivered by colleges/universities and host organisations/ employers). In addition, better conversion pathways for continuing education in the cyber security specialism should be collectively developed by FE sand HEIs.
5. Increasing investment in the provision of workplace training, funded or co-funded by employers, unions, and the government, to ensure a basic level of cyber security and digital skills, as well as opportunities for specialist skills development and potential pathways for career changes for existing workforce. In particular, digital skills and cyber-security focused work-based training organised and championed by employers and unions needs further and continuous support to bridge the skill gaps across the workforce and offer new career opportunities for workers across economic sectors. For example, a union learning fund could include a cyber security skills element in relevant projects in Scotland.
This report provides an indicative summary of the potential pathways to digital skills development in the current skills system in Scotland, from the lowest to the highest qualification level courses. It focuses on formal education qualifications, but fully recognises the importance of actual on the job learning and professional courses, experiential learning, and mentoring.
This report now presents: a background to the ESCALATE Project; the concept of a Skills Escalator; the context of cyber security in Stirling and Scotland; the digital Skills Escalator for cyber security in Stirling; aligned Investments; and skills priorities and recommendations.